>>> Has anyone configured squid as a logging only server? I >>> just want to monitor Internet access without caching or >>> forwarding of traffic.
>> See the FAQ
> Actually, the answer is no, you can't have squid log without > at least proxying (forwarding) your web traffic.
Correct. I just guessed that the OP simply mis-phrased the question.
After all, if they don't plan to have Squid process their traffic, why would they even bother installing it?
To log outbound web traffic -- what web sites/pages their users are visiting. You might be able to do something with "iptables -p tcp --dport 80 -j LOG" and then write a perl script to do DNS lookups, but that doesn't give you the URL.
You could use "tcpdump -x port 80" on an edge router and store the output, then scan it for HTTP headers with a perl script. But that would consume huge amounts of I/O time and disk space.
Probably a layer 7 switch/router can do this. Someone could write a program that uses promiscuous mode to do it also.
-- ========================= Tom Lahti Tx3 Online Services
(888)4-TX3-SVC (489-3782) http://www.tx3.net/ -- =========================
